我正在使用一门课程来学习如何对我的ASP.NET Core应用程序进行Docker化。我要在配置中使用的令牌服务器出现网络问题。
ASP.NET Core Web应用程序(webmvc
)允许通过令牌服务器(tokenserver
)进行授权。
令牌服务器
tokenserver:
build:
context: .\src\Services\TokenServiceApi
dockerfile: Dockerfile
image: shoes/token-service
environment:
- ASPNETCORE_ENVIRONMENT=ContainerDev
- MvcClient=http://localhost:5500
container_name: tokenserviceapi
ports:
- "5600:80"
networks:
- backend
- frontend
depends_on:
- mssqlserver
tokenserver
知道webmvc
网址。
webmvc
webmvc:
build:
context: .\src\Web\WebMvc
dockerfile: Dockerfile
environment:
- ASPNETCORE_ENVIRONMENT=ContainerDev
- CatalogUrl=http://catalog
- IdentityUrl=http://10.0.75.1:5600
container_name: webfront
ports:
- "5500:80"
networks:
- frontend
depends_on:
- catalog
- tokenserver
运行容器将确认webmvc
将尝试到达位于http://10.0.75.1:5600
的身份服务器。
通过在Windows计算机上运行ipconfig
,我确认DockerNAT正在使用10.0.75.1
:
Ethernet adapter vEthernet (DockerNAT):
Connection-specific DNS Suffix . :
IPv4 Address. . . . . . . . . . . : 10.0.75.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
从主机访问 http://10.0.75.1:5600/
时无法访问http://localhost:5600
。
但是,我必须依靠DockerNAT IP,因为webmvc
必须从其自己的容器访问服务,而localhost:5600没有意义:
docker exec -it webfront bash
root@be382eb4608b:/app# curl -i -X GET http://10.0.75.1:5600
HTTP/1.1 404 Not Found
Date: Fri, 03 Jan 2020 08:55:48 GMT
Server: Kestrel
Content-Length: 0
root@be382eb4608b:/app# curl -i -X GET http://localhost:5600
curl: (7) Failed to connect to localhost port 5600: Connection refused
"HostConfig": {
"Binds": [],
....
"NetworkMode": "shoesoncontainers_backend",
"PortBindings": {
"80/tcp": [
{
"HostIp": "",
"HostPort": "5600"
}
]
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "6637a47944251a4dc59205dc6e03670bc4b03f8bf38a7be0dc11b72adf6a3afa",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {
"80/tcp": [
{
"HostIp": "0.0.0.0",
"HostPort": "5600"
}
]
},
"SandboxKey": "/var/run/docker/netns/6637a4794425",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "",
"Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"MacAddress": "",
"Networks": {
"shoesoncontainers_backend": {
"IPAMConfig": null,
"Links": null,
"Aliases": [
"tokenserver",
"d31d9b5f4ec7"
],
"NetworkID": "a50a9cee66e6a65a2bb90a7035bae4d9716ce6858a17d5b22e147dfa8e33d686",
"EndpointID": "405b1beb5e20636bdf0d019b36494fd85ece86cfbb8c2d57283d64cc20e5d760",
"Gateway": "172.28.0.1",
"IPAddress": "172.28.0.4",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:1c:00:04",
"DriverOpts": null
},
"shoesoncontainers_frontend": {
"IPAMConfig": null,
"Links": null,
"Aliases": [
"tokenserver",
"d31d9b5f4ec7"
],
"NetworkID": "b7b3e8599cdae7027d0bc871858593f41fa9b938c13f906b4b29f8538f527ca0",
"EndpointID": "e702b29016b383b7d5872f8c55cad0f189d6f58f2631316cf0313f3df30331c0",
"Gateway": "172.29.0.1",
"IPAddress": "172.29.0.3",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:1d:00:03",
"DriverOpts": null
}
}
}
我还为具有高级安全性的Windows Defender防火墙中的端口5600创建了入站规则。
问题:如何在Windows 10上通过DockerNAT IP地址访问Docker容器?
答案 0 :(得分:0)
我认为您正在寻找host.docker.internal
。这是一个特殊的DNS名称,它使您可以从容器连接到主机上的服务或暴露在主机上的容器。
您可以详细解释here。
答案 1 :(得分:0)
我不确定为什么它不能按预期方式工作,但是使用提供的信息here,我能够弄清楚如何使其工作:
您可以尝试在防火墙中添加传入规则:
示例:
协议:any / tcp / udp / ... 程序:任何 动作:允许 本地端口:任何 远程端口:任何 本地地址:10.0.75.1 远程地址:10.0.75.0/24
,或者您可以尝试使用地址10.0.75.2代替10.0.75.1
对我来说,第二个解决方案有效。